Policy on Universal Off-Campus
Computer Access
to Information Resources
I. Perspective and Preface
The California State University, Sacramento (CSUS) strategic plan suggests harnessing all present instructional and administrative technology systems and, wherever possible, engaging in new forms of educational delivery to serve gross numbers of the University's constituency. The foundation for this infers a technology framework intended to serve the needs of students, faculty, staff and others identified by the University. An "external infrastructure" provides the means by which programs and services are imported or exported among the campus, the California State University system, and other information providers so as to engage and empower students, faculty, staff and others "anytime, anyplace, anywhere."
II. Introduction
The communications needs of the information age are staggering and only beginning to be fully understood. One thing is clear and that is that information technology has essentially reached commodity status. Like any commodity, however, information has value only when it is exchanged or applied. The University is faced with a rapidly increasing number of information-producing and information-based devices that must communicate with each other. For that reason, the CSUS current information resource (computer) environment consists of a network of users with the potential capacity to access almost any on-line system via an extensive and complex bridging of dedicated computer connections with local area, metropolitan area and wide area network services. Intrinsic to these networks and the applications that reside thereon is a relatively stable and secure environment. These conditions change radically and are often open to security breaches when any public off-campus access service facilities are applied, permitting remote or distance desktop computers, portable and laptop computer users open access to information resources and data bases. The most severe of these occurs when off-campus access is used to reach personal computers with direct connections to local, metropolitan and/or wide area network resources. To protect against the risks associated with unauthorized off-campus access users penetrating a computer system, the Division of Computing, Communications and Media Services (CCMS) employs a wide range of programs and policies to minimize the risk of data destruction, data modification, data theft and computer time theft.
In an era when the value of information lies in its availability, it is equally important to protect that data or information resource from those unauthorized to use it. All of this implies a series of solutions intended to make a maximum use of limited dollars, open connectivity options, efficient operations, modular growth and economic use of existing facilities. The following establishes a policy framework by which the campus may apply this concept while ensuring off-campus computer access, security and development as may be required by the diverse and innovative nature of the University and its various academic and administrative program centers.
III. Purpose
It is the purpose of this policy to:
1. Establish a cost efficient and transparent interconnection of information interchanges for CSUS students, faculty, staff and designated others across an off-campus access network while at the same time, limiting the vulnerability and risk to computer network system integrity through security breaches, misuse and damage.
2. Ensure controlled progress toward a fully networked campus with appropriate policies and procedures that address compatibility, network access services and capacity internal and external to the campus.
3. Optimize growth and development and ensure that any technological designs remain consistent with the mission, goals and objectives of the University.
4. Where and whenever technically, programmatically or administratively possible, present a single system image to all users through a standard graphical user interface and protocols.
5. Describe those off-campus access service applications which may be defined as "universal" and "University sponsored" and the provisions for their use.
6. Describe those off-campus access services which are not designated as "University sponsored" but rather as "Program Center sponsored" and the rules and regulations governing their development and deployment.
7. Describe a process by which others than CSUS students, faculty and staff may gain "community entry" privileges to either "University sponsored" or "Program Center sponsored" off-campus access services.
IV. Policy Principles
A. Duties Assigned to CCMS
It is the intent of this policy to "charge" CCMS and its University Computing and Communications Services (UCCS) unit with the responsibility for establishing, managing and developing a centralized "Off-Campus Computer Access" utility to serve the universal requirements of the campus. Information resource providers residing on UCCS hosts and/or other distributed networked platforms, having applied and been designated as "University sponsored" by the Telecommunications Management Committee (TMC) shall have equal access to off-campus computer resources and services funded by the University for this purpose.
To simplify user access and to limit the requirement to over build the front end, it is understood that, at this time, different access points may be listed to serve the individual group needs of students, faculty, staff and others identified by the University.
It is UCCS' responsibility to provide the generic applications, tools and personnel support required to permit information resources so designated to be accessed by the user population. UCCS actions are guided and pursuant to industry standards, compatible operating systems and/or protocols, hardware availability, etc. In general, the actual data and/or decentralized information resources made readily accessible to the user population are not the responsibility of UCCS.
Whether centralized or not, UCCS is also charged with the responsibility for maintaining a secure environment and for educating the user population on security policies, practices, and for articulating risks which threaten the University computer and network integrity. UCCS is empowered to guard against such breaches, misuses and damages. Abuse or security concerns which represent immediate damage, breach or compromise shall be acted upon immediately by CCMS/UCCS management, including termination of services if necessary. Activities requiring intervention of this type will be reported immediately to the Vice President for Administration.
B. Conditions of Access
Positive identification of every off-campus access user is essential for restricting unauthorized access to a system. Individual passwords and, when necessary, physical devices shall be used as the primary means of identifying users.
Positive identification of the user in combination with the individual's password determines authenticity and the level of that person's authorization in gaining access to an information resource.
A complete list of valid off-campus access users shall be maintained along with their current status, eliminating all students, faculty, staff or others identified by University who are no longer with the campus or whose position and affiliation no longer requires access.
C. Off-Campus Access for Students, Faculty, and Staff
There are two general approaches to off-campus access for students, faculty and staff to information resources and they are defined as (1) "University sponsored" and (2) Program Center sponsored.
1. University sponsored off-campus access is defined as those departments, program centers or units providing a service, function and/or information data base resource or series of resources which are universal in nature, generic in form and structure and having an appeal or need that transcends most, if not all, academic and administrative boundaries respectively. Its constituency represents a wide range of the students, faculty and staff that comprise the University as a whole. University sponsored off-campus access means that the information provider has the opportunity to use the CCMS/UCCS modem pool, at no direct cost to them, as their entry into the University's computer backbone network. Representative examples of University sponsored program center functions that are universal include, but are not limited to, access to E-Mail, mainframe computers and the Library's on-line catalogue "Eureka@"by the students, faculty and staff of the University.
Academic and/or administrative entities desiring their service, function or database to be designated as a "University sponsored" project shall submit their request in writing to the respective Academic and/or Administrative Advisory Committee for evaluation. The criteria and rationale for recommending a positive outcome shall be submitted to the Telecommunications Management Committee (TMC) for their review and final action. TMC has the authority to designate a "University sponsored" project status directly, should the committee wish to do so.
Designating a project as "University sponsored" means that the service, function and/or information data base resource can be delivered and integrated as a part of the existing CCMS/UCCS off-campus access environment. Any hardware, equipment, and application support, required by UCCS to enact said integration is the financial responsibility of the project developer, unless otherwise directed by TMC.
2. Program Center or Department sponsored is defined as those academic or administrative units providing services and/or informational data bases which are non-universal in nature, having a targeted audience not representative of the entire academic and administrative community. The constituency, therefore, represents a narrower range of the students, faculty and the staff than those that encompass the University as a whole. Representative examples of the department or program center sponsored projects include, but are not limited to, departmental servers, personal computers and uncontrolled access to the Library's on-line catalogue "Eureka" by the general public.
A department or program center's decision to sponsor its own initiative means that the service, function and/or information data base resource it mounts may not be directly accessible to the department or program center's users via the University off-campus access to the modem pool maintained by CCMS/UCCS. As a consequence of this, department or program centers wishing to sponsor computer access, will be required to install and maintain direct off-campus access to ports from the local operating company, the cost of which shall be borne by the department or program center. This action shall be coordinated with CCMS and the University Telecommunication Services (UTS) unit.
Similarly, and before ordering its direct off-campus access circuits, the department or program center will meet with representatives from UCCS to review the programmatic and technical design by which the sponsoring unit will offer its targeted services and integrate with, if at all, other University's computer platforms and networks. UCCS' function is to ensure that the distributed service or resource being proposed, offers no security risk to University computer systems/data and maintains network system integrity. Proposed systems engineered by the department or program center failing to provide direct security or meet system integrity will be considered a potential security breach and reported immediately by the Assistant Vice President for Administration/Telecommunications to the Vice President for Administration. This system will not be authorized to commence operations until the faulted condition has been resolved by the department or sponsoring program center and is agreed to by the Vice President for Administration.
Any hardware, equipment, application support, etc., required by UCCS to enact said integration is the financial responsibility of the project developer, unless otherwise directed.
Inclusion of another campus unit's data base and/or special application as a part of any independently developed Program Center sponsoring effort must be negotiated with that unit before the Program Center sponsored service commences operation.
Operational systems maintained by a department or program center demonstrating abuse or security concerns which represent immediate damage, breach or compromise by their linkage with the University's computer platforms and networks will be terminated immediately, as directed by the Assistant Vice President for Administration/Telecommunications and reported to the Vice President for Administration for consideration and judgment.
Program center or department services or resources being proposed and/or operating as a "stand alone system" and not integrating with any University computer or network system are unencumbered by this policy.
D. Off-Campus Access for Community Entry to "University Sponsored" and "Program Center Sponsored" Resources
CSUS, as a regional comprehensive public institution, has, among its mission, a related research and public service role. Therefore, there is a wide array of standing and ongoing linkages, agreements, partnerships and alliances with CSUS alumni, private citizens, educational institutions, local, regional and state government, federal agencies, not-for-profit and for-profit corporations. These linkages sometimes require that designated members of this community have direct entry to off-campus access to information resources.
Community entry to off-campus access is a process that begins with a request by a Program Center manager to the Vice President for Academic Affairs or the Vice President for Administration, as appropriate. The Program Center shall provide the following information:
1. Name of the individual or organization
2. Number of individual accounts requested
3. Nature of the affiliation with CSUS including, but not limited to, a short description of any agreements referencing mission, goals and objectives; management and/or reporting structure within the University; financial relationship, etc.
4. Characteristic service access required, i.e., E-mail, Internet, Library and data base retrieval, Gopher and World Wide Web, specific CSUS computer platforms, applications, storage requirements, etc.
5. Rationale and need for providing access
6. Duration of service access, i.e., monthly with an end termination date, or annual renewal
7. Whether access is to "University Sponsored" or "Program Center Sponsored" resources; and specifically what program or department centered resource
8. Whether the cost of access will be underwritten by the University, the Program Center or Department, or financial supported through a subscription mechanism
The Vice President for Academic Affairs or the Vice President for Administration may, at their discretion, deny a petition for community access with or without cause, suggest an alternative methodology for underwriting access and/or recommend an access request to the Telecommunications Management Committee (TMC) for their action.
TMC shall, on an annual basis, review all off-campus access projects for community entry. TMC shall also annually review all rate costs and subscription fees, rules and regulations as developed by CCMS and the Program Centers as a means to support and deploy community entry.
Last Updated: February 20, 2006